On 8/19/22 13:48, Matus UHLAR - fantomas wrote: >>> On 19.08.22 10:47, Sam R wrote: >>>> So I am a little divided, >>>> On the one hand I think that port 25 is enough to transmit mails locally, >>> >>> I guess by "locally" you mean "on the local network". >>> >>> port 25 is standard for server-server communication, 465/587 are standard >>> for client-server communication where authentication is required/enforced. >>> >>>> on the other hand I think that an encryption would be better, especially on >>>> the dmz. > >> On 8/19/22 07:08, Matus UHLAR - fantomas wrote: >>> I'd say "especially for connections crossing not-secured network". >>> mails within LAN/DMZ should be safe unencrypted, unless you have reason not >>> to trust the network or someone on it. > > On 19.08.22 09:09, Demi Marie Obenour wrote: >> Google made this assumption and it turned out to be wrong. Use mutually >> authenticated TLS. > > what are you talking about? > because I have access to private networks where this is not an issue.
See Snowden leaks. -- Sincerely, Demi Marie Obenour (she/her/hers)
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
